diff options
author | Martin Holzer <mholzer@gentoo.org> | 2003-09-25 20:11:08 +0000 |
---|---|---|
committer | Martin Holzer <mholzer@gentoo.org> | 2003-09-25 20:11:08 +0000 |
commit | 6ff413465b5ba377d3b4fa6702ff151e77188783 (patch) | |
tree | 017fa6c5f9066346756c7f52268c4d9f60963b1a | |
parent | crash prevention patch - bug #29516 (diff) | |
download | gentoo-2-6ff413465b5ba377d3b4fa6702ff151e77188783.tar.gz gentoo-2-6ff413465b5ba377d3b4fa6702ff151e77188783.tar.bz2 gentoo-2-6ff413465b5ba377d3b4fa6702ff151e77188783.zip |
cleanup
-rw-r--r-- | net-misc/openssh/Manifest | 16 | ||||
-rw-r--r-- | net-misc/openssh/files/digest-openssh-3.6.1_p2-r1 | 3 | ||||
-rw-r--r-- | net-misc/openssh/files/digest-openssh-3.6.1_p2-r2 | 3 | ||||
-rw-r--r-- | net-misc/openssh/files/digest-openssh-3.6.1_p2-r3 | 3 | ||||
-rw-r--r-- | net-misc/openssh/files/digest-openssh-3.7.1_p1 | 3 | ||||
-rw-r--r-- | net-misc/openssh/files/digest-openssh-3.7_p1 | 2 | ||||
-rw-r--r-- | net-misc/openssh/openssh-3.6.1_p2-r1.ebuild | 143 | ||||
-rw-r--r-- | net-misc/openssh/openssh-3.6.1_p2-r2.ebuild | 136 | ||||
-rw-r--r-- | net-misc/openssh/openssh-3.6.1_p2-r3.ebuild | 147 | ||||
-rw-r--r-- | net-misc/openssh/openssh-3.7.1_p1.ebuild | 151 | ||||
-rw-r--r-- | net-misc/openssh/openssh-3.7_p1.ebuild | 146 |
11 files changed, 3 insertions, 750 deletions
diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index af6e157b81a4..2bb43220d7b6 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,26 +1,16 @@ MD5 5a3e4fd0a1dce8e747decbad831e1354 ChangeLog 8569 MD5 bf8c9e2ff963deb77f7dd8adf7ad2037 openssh-3.5_p1-r1.ebuild 3932 -MD5 3c2bbd03a745c1e0b2a5e4a6e600b030 openssh-3.6.1_p2-r1.ebuild 4148 MD5 a50daec66d75cc8248da65d91269b359 openssh-3.6.1_p2.ebuild 3948 -MD5 564d864226cf89ea6396748305042fd9 openssh-3.6.1_p2-r2.ebuild 4204 -MD5 9da5e02603f79633fe36e2337d4ae626 openssh-3.6.1_p2-r3.ebuild 4488 -MD5 b95ca58a06be4f68640911f9e64a8c95 openssh-3.7_p1.ebuild 4479 -MD5 6f9d1a7a3d8d84a099f9e8ae724cd750 openssh-3.7.1_p1.ebuild 4665 MD5 baa93c0bb81792f293041775106cda3d openssh-3.7.1_p1-r1.ebuild 4279 MD5 f5e05460d48dbfd326489d60a9618dd9 openssh-3.7.1_p2.ebuild 4161 MD5 f2472f97f00f203eee538d04a25acac5 files/digest-openssh-3.5_p1-r1 136 MD5 3d26d49ccd595bca906f540f5d8b8c31 files/digest-openssh-3.6.1_p2 139 -MD5 3d5afb85b45dafdd05258d53f19a0b61 files/digest-openssh-3.6.1_p2-r1 213 MD5 2cb187d8f60994c5e1b5fef2bcb6e85d files/openssh-3.5_p1-gentoo-sshd-gcc3.patch 315 MD5 b86ae0c43a704c4ee2abd2ce5c955f8f files/sshd.pam 294 MD5 17b2fa077852f2c2990ec97c51bf198b files/sshd.rc6 1233 -MD5 3d5afb85b45dafdd05258d53f19a0b61 files/digest-openssh-3.6.1_p2-r2 213 -MD5 3d5afb85b45dafdd05258d53f19a0b61 files/digest-openssh-3.6.1_p2-r3 213 -MD5 2509087626bbaf1ad026899718167722 files/digest-openssh-3.7_p1 137 -MD5 f7ce823ee079185e2fac5dd59eb61c0b files/digest-openssh-3.7.1_p1 218 MD5 f7ce823ee079185e2fac5dd59eb61c0b files/digest-openssh-3.7.1_p1-r1 218 -MD5 af754a7a6d850621f44547c47f0a60e8 files/openssh-3.7.1_p1-memory-bugs.patch 3497 -MD5 7018b03ec89f38eb3a28da209f1645b2 files/digest-openssh-3.7.1_p2 143 -MD5 f070df558fd67efd545ac77a2749ea6d files/openssh-3.7.1_p1-memory-leak.patch 575 MD5 116c0ddbe11e98eb9724d30193f65d95 files/openssh-3.7.1_p1-connect-timeout.patch 609 MD5 fcdec1634d390aed62b8a6a7e90c4b09 files/openssh-3.7.1_p1-double-free.patch 677 +MD5 af754a7a6d850621f44547c47f0a60e8 files/openssh-3.7.1_p1-memory-bugs.patch 3497 +MD5 f070df558fd67efd545ac77a2749ea6d files/openssh-3.7.1_p1-memory-leak.patch 575 +MD5 7018b03ec89f38eb3a28da209f1645b2 files/digest-openssh-3.7.1_p2 143 diff --git a/net-misc/openssh/files/digest-openssh-3.6.1_p2-r1 b/net-misc/openssh/files/digest-openssh-3.6.1_p2-r1 deleted file mode 100644 index b2dfa929a6ac..000000000000 --- a/net-misc/openssh/files/digest-openssh-3.6.1_p2-r1 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 f3879270bffe479e1bd057aa36258696 openssh-3.6.1p2.tar.gz 879629 -MD5 c425e65927b359382bf3618d265d45f1 openssh_3.6p1-5.se1.diff.bz2 54985 -MD5 ca8e6e61d71c1680c09aefb0f0fec02f openssh-3.6.1p2+x509g2.diff.gz 82452 diff --git a/net-misc/openssh/files/digest-openssh-3.6.1_p2-r2 b/net-misc/openssh/files/digest-openssh-3.6.1_p2-r2 deleted file mode 100644 index b2dfa929a6ac..000000000000 --- a/net-misc/openssh/files/digest-openssh-3.6.1_p2-r2 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 f3879270bffe479e1bd057aa36258696 openssh-3.6.1p2.tar.gz 879629 -MD5 c425e65927b359382bf3618d265d45f1 openssh_3.6p1-5.se1.diff.bz2 54985 -MD5 ca8e6e61d71c1680c09aefb0f0fec02f openssh-3.6.1p2+x509g2.diff.gz 82452 diff --git a/net-misc/openssh/files/digest-openssh-3.6.1_p2-r3 b/net-misc/openssh/files/digest-openssh-3.6.1_p2-r3 deleted file mode 100644 index b2dfa929a6ac..000000000000 --- a/net-misc/openssh/files/digest-openssh-3.6.1_p2-r3 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 f3879270bffe479e1bd057aa36258696 openssh-3.6.1p2.tar.gz 879629 -MD5 c425e65927b359382bf3618d265d45f1 openssh_3.6p1-5.se1.diff.bz2 54985 -MD5 ca8e6e61d71c1680c09aefb0f0fec02f openssh-3.6.1p2+x509g2.diff.gz 82452 diff --git a/net-misc/openssh/files/digest-openssh-3.7.1_p1 b/net-misc/openssh/files/digest-openssh-3.7.1_p1 deleted file mode 100644 index b6a63ae36418..000000000000 --- a/net-misc/openssh/files/digest-openssh-3.7.1_p1 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 f54e574e606c08ef63ebb1ab2f7689dc openssh-3.7.1p1.tar.gz 791161 -MD5 d8f4c22cec973d2e22551455fe5bc28c openssh-3.7.1_p1-selinux.diff.bz2 7677 -MD5 62a83953c4a7fee0309961099c94d760 openssh-3.7.1p1+x509g2.diff.gz 125275 diff --git a/net-misc/openssh/files/digest-openssh-3.7_p1 b/net-misc/openssh/files/digest-openssh-3.7_p1 deleted file mode 100644 index 54595f8df18b..000000000000 --- a/net-misc/openssh/files/digest-openssh-3.7_p1 +++ /dev/null @@ -1,2 +0,0 @@ -MD5 77662801ba2a9cadc0ac10054bc6cb37 openssh-3.7p1.tar.gz 790563 -MD5 c425e65927b359382bf3618d265d45f1 openssh_3.6p1-5.se1.diff.bz2 54985 diff --git a/net-misc/openssh/openssh-3.6.1_p2-r1.ebuild b/net-misc/openssh/openssh-3.6.1_p2-r1.ebuild deleted file mode 100644 index 3d2d0228def8..000000000000 --- a/net-misc/openssh/openssh-3.6.1_p2-r1.ebuild +++ /dev/null @@ -1,143 +0,0 @@ -# Copyright 1999-2003 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.6.1_p2-r1.ebuild,v 1.3 2003/09/16 19:32:41 vapier Exp $ - -inherit eutils - -IUSE="ipv6 static pam tcpd kerberos selinux" -IUSE="${IUSE} X509" - -X509_PATCH=${P/_/}+x509g2.diff.gz - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_/} -S=${WORKDIR}/${PARCH} -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="http://www.openssh.com/" -SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz - selinux? ( http://lostlogicx.com/gentoo/openssh_3.6p1-5.se1.diff.bz2 ) - X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )" - -# openssh recognizes when openssl has been slightly upgraded and refuses to run. -# This new rev will use the new openssl. -RDEPEND="virtual/glibc - pam? ( >=sys-libs/pam-0.73 >=sys-apps/shadow-4.0.2-r2 ) - kerberos? ( app-crypt/mit-krb5 ) - selinux? ( sys-apps/selinux-small ) - >=dev-libs/openssl-0.9.6d - sys-libs/zlib" - -DEPEND="${RDEPEND} - dev-lang/perl - sys-apps/groff - tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" - -SLOT="0" -LICENSE="as-is" -KEYWORDS="~x86 ~ppc ~sparc ~alpha ~mips ~hppa ~arm ~amd64" - -src_unpack() { - unpack ${PARCH}.tar.gz - cd ${S} - use selinux && epatch ${DISTDIR}/openssh_3.6p1-5.se1.diff.bz2 - - if [ `use alpha` ]; then - epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch || die - fi - - if [ `use X509` ]; then - epatch ${DISTDIR}/${X509_PATCH} || die - fi -} - -src_compile() { - local myconf - use tcpd || myconf="${myconf} --without-tcp-wrappers" - use tcpd && myconf="${myconf} --with-tcp-wrappers" - use pam || myconf="${myconf} --without-pam" - use pam && myconf="${myconf} --with-pam" - use ipv6 || myconf="${myconf} --with-ipv4-default" - - # app-crypt/mit-krb5 - use kerberos && myconf="${myconf} --with-kerberos5" - - # app-crypt/kth-krb - # KTH's implementation of kerberos IV - # KTH_KRB="yes" emerge openssh-3.5_p1-r1.ebuild - if [ ! -z $KTH_KRB ]; then - myconf="${myconf} --with-kerberos4=/usr/athena" - fi - - use selinux && CFLAGS="${CFLAGS} -DWITH_SELINUX" - - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc/ssh \ - --mandir=/usr/share/man \ - --libexecdir=/usr/lib/misc \ - --datadir=/usr/share/openssh \ - --disable-suid-ssh \ - --with-privsep-path=/var/empty \ - --with-privsep-user=sshd \ - --with-md5-passwords \ - --host=${CHOST} ${myconf} || die "bad configure" - - if [ "`use static`" ] - then - # statically link to libcrypto -- good for the boot cd - perl -pi -e "s|-lcrypto|/usr/lib/libcrypto.a|g" Makefile - fi - - if [ "`use selinux`" ] - then - #add -lsecure - sed "s:LIBS=\(.*\):LIBS=\1 -lsecure:" < Makefile > Makefile.new - mv Makefile.new Makefile - fi - - emake || die "compile problem" -} - -src_install() { - make install-files DESTDIR=${D} || die - chmod 600 ${D}/etc/ssh/sshd_config - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd - exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd - touch ${D}/var/empty/.keep -} - -pkg_preinst() { - - userdel sshd 2> /dev/null - if ! groupmod sshd; then - groupadd -g 90 sshd 2> /dev/null || \ - die "Failed to create sshd group" - fi - useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \ - die "Failed to create sshd user" - -} - -pkg_postinst() { - - # empty dir for the new priv separation auth chroot.. - install -d -m0755 -o root -g root ${ROOT}/var/empty - - einfo - einfo "Remember to merge your config files in /etc/ssh!" - einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation" - einfo "functionality, but please ensure that you do not explicitly disable" - einfo "this in your configuration as disabling it opens security holes" - einfo - einfo "This revision has removed your sshd user id and replaced it with a" - einfo "new one with UID 22. If you have any scripts or programs that" - einfo "that referenced the old UID directly, you will need to update them." - einfo - if use pam >/dev/null 2>&1; then - einfo "Please be aware users need a valid shell in /etc/passwd" - einfo "in order to be allowed to login." - einfo - fi -} diff --git a/net-misc/openssh/openssh-3.6.1_p2-r2.ebuild b/net-misc/openssh/openssh-3.6.1_p2-r2.ebuild deleted file mode 100644 index d07df51e24d4..000000000000 --- a/net-misc/openssh/openssh-3.6.1_p2-r2.ebuild +++ /dev/null @@ -1,136 +0,0 @@ -# Copyright 1999-2003 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.6.1_p2-r2.ebuild,v 1.3 2003/09/16 19:32:41 vapier Exp $ - -inherit eutils flag-o-matic - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_/} -X509_PATCH=${PARCH}+x509g2.diff.gz - -S=${WORKDIR}/${PARCH} -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="http://www.openssh.com/" -IUSE="ipv6 static pam tcpd kerberos selinux X509" -SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz - selinux? ( http://lostlogicx.com/gentoo/openssh_3.6p1-5.se1.diff.bz2 ) - X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )" - -# openssh recognizes when openssl has been slightly upgraded and refuses to run. -# This new rev will use the new openssl. -RDEPEND="virtual/glibc - pam? ( >=sys-libs/pam-0.73 - >=sys-apps/shadow-4.0.2-r2 ) - kerberos? ( app-crypt/mit-krb5 ) - selinux? ( sys-apps/selinux-small ) - afs? ( net-fs/openafs - app-crypt/kth-krb ) : - ( krb4? ( app-crypt/kth-krb ) ) - >=dev-libs/openssl-0.9.6d - sys-libs/zlib - >=sys-apps/sed-4" - -DEPEND="${RDEPEND} - dev-lang/perl - sys-apps/groff - tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" - -SLOT="0" -LICENSE="as-is" -KEYWORDS="~x86 ~ppc ~sparc ~alpha ~mips ~hppa ~arm ~amd64" - -src_unpack() { - unpack ${PARCH}.tar.gz ; cd ${S} - - use selinux && epatch ${DISTDIR}/openssh_3.6p1-5.se1.diff.bz2 - use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch - use X509 && epatch ${DISTDIR}/${X509_PATCH} -} - -src_compile() { - local myconf - - use tcpd || myconf="${myconf} --without-tcp-wrappers" - use tcpd && myconf="${myconf} --with-tcp-wrappers" - use pam || myconf="${myconf} --without-pam" - use pam && myconf="${myconf} --with-pam" - use ipv6 || myconf="${myconf} --with-ipv4-default" - use krb4 && myconf="${myconf} --with-kerberos4=/usr/athena" - use kerberos && myconf="${myconf} --with-kerberos5" - - if [ "`use afs`" ] && [ "`use krb4`" ]; then - myconf="${myconf} --with-afs" - elif [ "`use afs`" ] && [ -z "`use krb4`" ]; then - myconf="${myconf} --with-afs" - myconf="${myconf} --with-kerberos4=/usr/athena" - fi - - use selinux && append-flags "-DWITH_SELINUX" - - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc/ssh \ - --mandir=/usr/share/man \ - --libexecdir=/usr/lib/misc \ - --datadir=/usr/share/openssh \ - --disable-suid-ssh \ - --with-privsep-path=/var/empty \ - --with-privsep-user=sshd \ - --with-md5-passwords \ - --host=${CHOST} ${myconf} || die "bad configure" - - if [ "`use static`" ] - then - # statically link to libcrypto -- good for the boot cd - sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile - fi - - if [ "`use selinux`" ] - then - #add -lsecure - sed -i "s:LIBS=\(.*\):LIBS=\1 -lsecure:" Makefile - fi - - emake || die "compile problem" -} - -src_install() { - make install-files DESTDIR=${D} || die - chmod 600 ${D}/etc/ssh/sshd_config - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd - exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd - touch ${D}/var/empty/.keep -} - -pkg_preinst() { - userdel sshd 2> /dev/null - if ! groupmod sshd; then - groupadd -g 90 sshd 2> /dev/null || \ - die "Failed to create sshd group" - fi - useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \ - die "Failed to create sshd user" -} - -pkg_postinst() { - # empty dir for the new priv separation auth chroot.. - install -d -m0755 -o root -g root ${ROOT}/var/empty - - einfo - einfo "Remember to merge your config files in /etc/ssh!" - einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation" - einfo "functionality, but please ensure that you do not explicitly disable" - einfo "this in your configuration as disabling it opens security holes" - einfo - einfo "This revision has removed your sshd user id and replaced it with a" - einfo "new one with UID 22. If you have any scripts or programs that" - einfo "that referenced the old UID directly, you will need to update them." - einfo - if use pam >/dev/null 2>&1; then - einfo "Please be aware users need a valid shell in /etc/passwd" - einfo "in order to be allowed to login." - einfo - fi -} diff --git a/net-misc/openssh/openssh-3.6.1_p2-r3.ebuild b/net-misc/openssh/openssh-3.6.1_p2-r3.ebuild deleted file mode 100644 index c284dc3517f6..000000000000 --- a/net-misc/openssh/openssh-3.6.1_p2-r3.ebuild +++ /dev/null @@ -1,147 +0,0 @@ -# Copyright 1999-2003 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.6.1_p2-r3.ebuild,v 1.4 2003/09/16 19:32:41 vapier Exp $ - -inherit eutils flag-o-matic ccc - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_/} -X509_PATCH=${PARCH}+x509g2.diff.gz - -S=${WORKDIR}/${PARCH} -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="http://www.openssh.com/" -IUSE="ipv6 static pam tcpd kerberos selinux X509 skey" -SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz - selinux? ( http://lostlogicx.com/gentoo/openssh_3.6p1-5.se1.diff.bz2 ) - X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )" - -# openssh recognizes when openssl has been slightly upgraded and refuses to run. -# This new rev will use the new openssl. -RDEPEND="virtual/glibc - pam? ( >=sys-libs/pam-0.73 - >=sys-apps/shadow-4.0.2-r2 ) - kerberos? ( app-crypt/mit-krb5 ) - selinux? ( sys-apps/selinux-small ) - afs? ( net-fs/openafs - app-crypt/kth-krb ) : - ( krb4? ( app-crypt/kth-krb ) ) - skey? ( app-admin/skey ) - >=dev-libs/openssl-0.9.6d - sys-libs/zlib - >=sys-apps/sed-4" - -DEPEND="${RDEPEND} - dev-lang/perl - sys-apps/groff - tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" - -SLOT="0" -LICENSE="as-is" -KEYWORDS="~x86 ~alpha" - -src_unpack() { - unpack ${PARCH}.tar.gz ; cd ${S} - - use selinux && epatch ${DISTDIR}/openssh_3.6p1-5.se1.diff.bz2 - use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch - use X509 && epatch ${DISTDIR}/${X509_PATCH} -} - -src_compile() { - local myconf - - use tcpd || myconf="${myconf} --without-tcp-wrappers" - use tcpd && myconf="${myconf} --with-tcp-wrappers" - use pam || myconf="${myconf} --without-pam" - use pam && myconf="${myconf} --with-pam" - use ipv6 || myconf="${myconf} --with-ipv4-default" - use krb4 && myconf="${myconf} --with-kerberos4=/usr/athena" - use kerberos && myconf="${myconf} --with-kerberos5" - use skey || myconf="${myconf} --without-skey" - use skey && { - myconf="${myconf} --with-skey" - - # prevent the conftest from violating the sandbox - sed -i 's#skey_keyinfo("")#"true"#g' ${S}/configure - - # make sure .sbss is large enough - use alpha && append-ldflags -mlarge-data - } - - if [ "`use afs`" ] && [ "`use krb4`" ]; then - myconf="${myconf} --with-afs" - elif [ "`use afs`" ] && [ -z "`use krb4`" ]; then - myconf="${myconf} --with-afs" - myconf="${myconf} --with-kerberos4=/usr/athena" - fi - - use selinux && append-flags "-DWITH_SELINUX" - - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc/ssh \ - --mandir=/usr/share/man \ - --libexecdir=/usr/lib/misc \ - --datadir=/usr/share/openssh \ - --disable-suid-ssh \ - --with-privsep-path=/var/empty \ - --with-privsep-user=sshd \ - --with-md5-passwords \ - --host=${CHOST} ${myconf} || die "bad configure" - - if [ "`use static`" ] - then - # statically link to libcrypto -- good for the boot cd - sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile - fi - - if [ "`use selinux`" ] - then - #add -lsecure - sed -i "s:LIBS=\(.*\):LIBS=\1 -lsecure:" Makefile - fi - - emake || die "compile problem" -} - -src_install() { - make install-files DESTDIR=${D} || die - chmod 600 ${D}/etc/ssh/sshd_config - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd - exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd - touch ${D}/var/empty/.keep -} - -pkg_preinst() { - userdel sshd 2> /dev/null - if ! groupmod sshd; then - groupadd -g 90 sshd 2> /dev/null || \ - die "Failed to create sshd group" - fi - useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \ - die "Failed to create sshd user" -} - -pkg_postinst() { - # empty dir for the new priv separation auth chroot.. - install -d -m0755 -o root -g root ${ROOT}/var/empty - - einfo - einfo "Remember to merge your config files in /etc/ssh!" - einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation" - einfo "functionality, but please ensure that you do not explicitly disable" - einfo "this in your configuration as disabling it opens security holes" - einfo - einfo "This revision has removed your sshd user id and replaced it with a" - einfo "new one with UID 22. If you have any scripts or programs that" - einfo "that referenced the old UID directly, you will need to update them." - einfo - if use pam >/dev/null 2>&1; then - einfo "Please be aware users need a valid shell in /etc/passwd" - einfo "in order to be allowed to login." - einfo - fi -} diff --git a/net-misc/openssh/openssh-3.7.1_p1.ebuild b/net-misc/openssh/openssh-3.7.1_p1.ebuild deleted file mode 100644 index 8bbd76f12b6a..000000000000 --- a/net-misc/openssh/openssh-3.7.1_p1.ebuild +++ /dev/null @@ -1,151 +0,0 @@ -# Copyright 1999-2003 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.7.1_p1.ebuild,v 1.7 2003/09/20 01:02:37 pebenito Exp $ - -inherit eutils flag-o-matic ccc -[ `use kerberos` ] && append-flags -I/usr/include/gssapi - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_/} - -X509_PATCH=${PARCH}+x509g2.diff.gz -SELINUX_PATCH=openssh-3.7.1_p1-selinux.diff.bz2 - -S=${WORKDIR}/${PARCH} -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="http://www.openssh.com/" -IUSE="ipv6 static pam tcpd kerberos skey selinux X509" -SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz - selinux? ( http://dev.gentoo.org/~pebenito/${SELINUX_PATCH} ) - X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )" - -# openssh recognizes when openssl has been slightly upgraded and refuses to run. -# This new rev will use the new openssl. -RDEPEND="virtual/glibc - pam? ( >=sys-libs/pam-0.73 - >=sys-apps/shadow-4.0.2-r2 ) - kerberos? ( app-crypt/mit-krb5 ) - selinux? ( sys-apps/selinux-small ) - afs? ( net-fs/openafs - app-crypt/kth-krb ) : - ( krb4? ( app-crypt/kth-krb ) ) - skey? ( app-admin/skey ) - >=dev-libs/openssl-0.9.6d - sys-libs/zlib - >=sys-apps/sed-4" - -DEPEND="${RDEPEND} - dev-lang/perl - sys-apps/groff - tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" - -SLOT="0" -LICENSE="as-is" -KEYWORDS="x86 ppc sparc alpha mips hppa arm amd64 ia64" - -src_unpack() { - unpack ${PARCH}.tar.gz ; cd ${S} - - use selinux && epatch ${DISTDIR}/${SELINUX_PATCH} - use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch - use X509 && epatch ${DISTDIR}/${X509_PATCH} -} - -src_compile() { - local myconf - - use tcpd || myconf="${myconf} --without-tcp-wrappers" - use tcpd && myconf="${myconf} --with-tcp-wrappers" - use pam || myconf="${myconf} --without-pam" - use pam && myconf="${myconf} --with-pam" - use ipv6 || myconf="${myconf} --with-ipv4-default" - use krb4 && myconf="${myconf} --with-kerberos4=/usr/athena" - use kerberos && myconf="${myconf} --with-kerberos5" - use skey || myconf="${myconf} --without-skey" - use skey && { - myconf="${myconf} --with-skey" - - # prevent the conftest from violating the sandbox - sed -i 's#skey_keyinfo("")#"true"#g' ${S}/configure - - # make sure .sbss is large enough - use alpha && append-ldflags -mlarge-data - } - - if [ "`use afs`" ] && [ "`use krb4`" ]; then - myconf="${myconf} --with-afs" - elif [ "`use afs`" ] && [ -z "`use krb4`" ]; then - myconf="${myconf} --with-afs" - myconf="${myconf} --with-kerberos4=/usr/athena" - fi - - use selinux && append-flags "-DWITH_SELINUX" - - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc/ssh \ - --mandir=/usr/share/man \ - --libexecdir=/usr/lib/misc \ - --datadir=/usr/share/openssh \ - --disable-suid-ssh \ - --with-privsep-path=/var/empty \ - --with-privsep-user=sshd \ - --with-md5-passwords \ - --host=${CHOST} ${myconf} || die "bad configure" - - if [ "`use static`" ] - then - # statically link to libcrypto -- good for the boot cd - sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile - fi - - if [ "`use selinux`" ] - then - #add -lsecure - sed -i "s:LIBS=\(.*\):LIBS=\1 -lsecure:" Makefile - fi - - emake || die "compile problem" -} - -src_install() { - make install-files DESTDIR=${D} || die - chmod 600 ${D}/etc/ssh/sshd_config - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd - exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd - touch ${D}/var/empty/.keep -} - -pkg_preinst() { - userdel sshd 2> /dev/null - if ! groupmod sshd; then - groupadd -g 90 sshd 2> /dev/null || \ - die "Failed to create sshd group" - fi - useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \ - die "Failed to create sshd user" -} - -pkg_postinst() { - # empty dir for the new priv separation auth chroot.. - install -d -m0755 -o root -g root ${ROOT}/var/empty - - ewarn "Remember to merge your config files in /etc/ssh/ and then" - ewarn "restart sshd: '/etc/init.d/sshd restart'." - ewarn - einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation" - einfo "functionality, but please ensure that you do not explicitly disable" - einfo "this in your configuration as disabling it opens security holes" - einfo - einfo "This revision has removed your sshd user id and replaced it with a" - einfo "new one with UID 22. If you have any scripts or programs that" - einfo "that referenced the old UID directly, you will need to update them." - einfo - if use pam >/dev/null 2>&1; then - einfo "Please be aware users need a valid shell in /etc/passwd" - einfo "in order to be allowed to login." - einfo - fi -} diff --git a/net-misc/openssh/openssh-3.7_p1.ebuild b/net-misc/openssh/openssh-3.7_p1.ebuild deleted file mode 100644 index d0ce8bfc10d1..000000000000 --- a/net-misc/openssh/openssh-3.7_p1.ebuild +++ /dev/null @@ -1,146 +0,0 @@ -# Copyright 1999-2003 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.7_p1.ebuild,v 1.6 2003/09/17 04:06:24 vapier Exp $ - -inherit eutils flag-o-matic ccc -[ `use kerberos` ] && append-flags -I/usr/include/gssapi - -# Make it more portable between straight releases -# and _p? releases. -PARCH=${P/_/} - -S=${WORKDIR}/${PARCH} -DESCRIPTION="Port of OpenBSD's free SSH release" -HOMEPAGE="http://www.openssh.com/" -IUSE="ipv6 static pam tcpd kerberos skey selinux" -SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz - selinux? ( http://lostlogicx.com/gentoo/openssh_3.6p1-5.se1.diff.bz2 )" - -# openssh recognizes when openssl has been slightly upgraded and refuses to run. -# This new rev will use the new openssl. -RDEPEND="virtual/glibc - pam? ( >=sys-libs/pam-0.73 - >=sys-apps/shadow-4.0.2-r2 ) - kerberos? ( app-crypt/mit-krb5 ) - selinux? ( sys-apps/selinux-small ) - afs? ( net-fs/openafs - app-crypt/kth-krb ) : - ( krb4? ( app-crypt/kth-krb ) ) - skey? ( app-admin/skey ) - >=dev-libs/openssl-0.9.6d - sys-libs/zlib - >=sys-apps/sed-4" - -DEPEND="${RDEPEND} - dev-lang/perl - sys-apps/groff - tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" - -SLOT="0" -LICENSE="as-is" -KEYWORDS="x86 ppc sparc alpha mips hppa arm amd64" - -src_unpack() { - unpack ${PARCH}.tar.gz ; cd ${S} - - use selinux && epatch ${DISTDIR}/openssh_3.6p1-5.se1.diff.bz2 - use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch -} - -src_compile() { - local myconf - - use tcpd || myconf="${myconf} --without-tcp-wrappers" - use tcpd && myconf="${myconf} --with-tcp-wrappers" - use pam || myconf="${myconf} --without-pam" - use pam && myconf="${myconf} --with-pam" - use ipv6 || myconf="${myconf} --with-ipv4-default" - use krb4 && myconf="${myconf} --with-kerberos4=/usr/athena" - use kerberos && myconf="${myconf} --with-kerberos5" - use skey || myconf="${myconf} --without-skey" - use skey && { - myconf="${myconf} --with-skey" - - # prevent the conftest from violating the sandbox - sed -i 's#skey_keyinfo("")#"true"#g' ${S}/configure - - # make sure .sbss is large enough - use alpha && append-ldflags -mlarge-data - } - - if [ "`use afs`" ] && [ "`use krb4`" ]; then - myconf="${myconf} --with-afs" - elif [ "`use afs`" ] && [ -z "`use krb4`" ]; then - myconf="${myconf} --with-afs" - myconf="${myconf} --with-kerberos4=/usr/athena" - fi - - use selinux && append-flags "-DWITH_SELINUX" - - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc/ssh \ - --mandir=/usr/share/man \ - --libexecdir=/usr/lib/misc \ - --datadir=/usr/share/openssh \ - --disable-suid-ssh \ - --with-privsep-path=/var/empty \ - --with-privsep-user=sshd \ - --with-md5-passwords \ - --host=${CHOST} ${myconf} || die "bad configure" - - if [ "`use static`" ] - then - # statically link to libcrypto -- good for the boot cd - sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile - fi - - if [ "`use selinux`" ] - then - #add -lsecure - sed -i "s:LIBS=\(.*\):LIBS=\1 -lsecure:" Makefile - fi - - emake || die "compile problem" -} - -src_install() { - make install-files DESTDIR=${D} || die - chmod 600 ${D}/etc/ssh/sshd_config - dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config - insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd - exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd - touch ${D}/var/empty/.keep -} - -pkg_preinst() { - userdel sshd 2> /dev/null - if ! groupmod sshd; then - groupadd -g 90 sshd 2> /dev/null || \ - die "Failed to create sshd group" - fi - useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \ - die "Failed to create sshd user" -} - -pkg_postinst() { - # empty dir for the new priv separation auth chroot.. - install -d -m0755 -o root -g root ${ROOT}/var/empty - - ewarn "Remember to merge your config files in /etc/ssh/ and then" - ewarn "restart sshd: '/etc/init.d/sshd restart'." - ewarn - einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation" - einfo "functionality, but please ensure that you do not explicitly disable" - einfo "this in your configuration as disabling it opens security holes." - einfo - einfo "This revision has removed your sshd user id and replaced it with a" - einfo "new one with UID 22. If you have any scripts or programs that" - einfo "that referenced the old UID directly, you will need to update them." - einfo - if use pam >/dev/null 2>&1; then - einfo "Please be aware users need a valid shell in /etc/passwd" - einfo "in order to be allowed to login." - einfo - fi -} |